tag:blogger.com,1999:blog-7347279.post1419356182552271808..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: what is a sandbox?kurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-7347279.post-68393531355165315682011-07-11T14:41:49.181-04:002011-07-11T14:41:49.181-04:00@anonymous
i'm not sure how you got the impres...@anonymous<br />i'm not sure how you got the impression that a sandbox is malware. that's the complete opposite of what i meant. sandboxes are something you can use to protect yourself from malware, rather than being malware themselves.kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-24766377381996516362011-07-10T04:45:06.094-04:002011-07-10T04:45:06.094-04:00so a sandbox is a malware which ca be a fake sourc...so a sandbox is a malware which ca be a fake source that can copy our detail to the others , it can be a phishing method that can trap user information .Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7347279.post-14782695985385927792010-07-30T15:13:17.758-04:002010-07-30T15:13:17.758-04:00@tritty: sandboxing isn't so much a single tec...@tritty: sandboxing isn't so much a single technology as much as it is a general classification of techniques that present an isolated, low-value environment to potential attacks rather than the system we want to protect. it's sort of like a decoy in that respect.<br /><br />there are a number of different ways it can be accomplished, as i described in the post. for the most widely used methods (right now) you'll want to research "application virtualization" or "virtual machines". those are two different techniques for implementing a sandbox.kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-2810942053850756422010-07-30T15:01:58.032-04:002010-07-30T15:01:58.032-04:00Hi Kurt,
where can i learn more about this sandbox...Hi Kurt,<br />where can i learn more about this sandbox technologyTrittyhttps://www.blogger.com/profile/16971370426550389231noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-89988850983461400712008-03-09T08:10:00.000-04:002008-03-09T08:10:00.000-04:00Hi Kurt!OK, I understand your position...Hi Kurt!<BR/><BR/>OK, I understand your position...Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7347279.post-49788430304211502462008-03-08T15:29:00.000-05:002008-03-08T15:29:00.000-05:00the reason you see nothing about it is because i d...the reason you see nothing about it is because i don't think it belongs in a discussion about sandboxes....<BR/><BR/>a sandbox in it's purest form is an environment in which untrusted/untested/unknown code can run unchecked and still do no harm to the trusted host environment... <BR/><BR/>it's about separating such code from the host environment, not blocking predefined or user-defined behaviours in the trusted host environment... <BR/><BR/>blocking behaviours is more properly the domain of <A HREF="http://anti-virus-rants.blogspot.com/2008/02/what-is-behaviour-blocking.html" REL="nofollow">behaviour blockers</A>...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-32143734568027165142008-03-07T12:40:00.000-05:002008-03-07T12:40:00.000-05:00Hi Kurt!I see nothing about policy-based sandboxin...Hi Kurt!<BR/><BR/>I see nothing about policy-based sandboxing here. Policy-based sandboxes do not redirects file and registry modification attempts, but rather automatically block or allow them according their inner policy ruleset.Anonymousnoreply@blogger.com